-3

example.pcap is a traffic capture I have made on my local Linux box of and now I would like to decrypt it.

tshark -o "ssl.desegment_ssl_records: TRUE"
       -o "ssl.desegment_ssl_application_data: TRUE"
       -o "ssl.keys_list: www.example.com,443,http,example.pem"
       -o "ssl.debug_file: /tmp/example.shark.log"
       -nn -r example.pcap port 443
       -w /tmp/example.443decrypted.pcap

but how do I option my key file, which I suppose is my client private key?

Jasmine Lognnes
  • 2,520
  • 8
  • 33
  • 51

1 Answers1

3

The client key is not used as the base for encryption, but only for identification of the client. With RSA key exchange the servers private key is used, which you have hopefully given in ssl.keys_list. With DH key exchange you will not be able to decrypt the pcap file because the key is based on random data only known to client and server.

Steffen Ullrich
  • 13,227
  • 27
  • 39
  • But the client (firefox) must use some sort of key to decrypt the incoming data from the server. It is this I would like to decrypt. – Jasmine Lognnes Nov 09 '14 at 12:13
  • Just to clarify Steffen's point. If the connection used DH key exchange, the key is generated during the DH exchange, it is only known by the active server / client and it is discarded after the connection closes. So, if you want to decrypt the traffic afterwards, you need to have saved the key from client / server memory when the connection was active. – Tero Kilkanen Nov 09 '14 at 13:08
  • Yes, the DH case is not possible, I am interested in the RSA situation. – Jasmine Lognnes Nov 09 '14 at 13:35
  • @JasmineLognnes: With RSA you need only a capture of the initial handshake and the private key of the servers certificate to derive the client and server key used for encryption. See http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html#without-forward-secrecy – Steffen Ullrich Nov 09 '14 at 14:53
  • @SteffenUllrich My browser is able to decrypt the traffic sent from the server to me, so can't I just get hold of that decryption key? Getting the server private key is often not an option. – Jasmine Lognnes Nov 09 '14 at 15:27
  • @JasmineLognnes: If you don't have the servers private key you don't have the necessary information to re-create the keys from a captured handshake. So you have the same problem like in the DH keys. Your only option then is to hack the SSL peers itself to either extract the keys or (maybe easier) to directly access the clear text before encryption or after decryption. – Steffen Ullrich Nov 09 '14 at 15:46
  • Why do I need to recreate the keys? Can't I just save them on the client as it is uding them for decryption? – Jasmine Lognnes Nov 09 '14 at 17:24
  • 1
    @JasmineLognnes: If you find a way inside the application to save the key you could in theory use it. But, usually no application provides such an interface and thus I think you would need to extend tshark yourself if you actually managed to get access to the key. – Steffen Ullrich Nov 09 '14 at 17:28